Proxmark/proxmark3
1
1
Fork 0
mirror of https://github.com/Proxmark/proxmark3.git synced 2024-09-21 23:36:51 +08:00
Code Issues Packages Projects Releases Wiki Activity

mf check keys in lua-space

Browse source
This commit is contained in:
martin.holst@gmail.com 2013-06-07 09:26:56 +00:00
parent c00f0dbfda
commit 16b04cb291
2 changed files with 296 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

153
client/mf_default_keys.lua Normal file
View file

@ -0,0 +1,153 @@
local _keys = {
--[[
These keys are from the pm3 c-codebase.
--]]
'fffffffffff0', -- Default key (first key used by program if no user defined key)
'000000000000', -- Blank key
'a0a1a2a3a4a5', -- NFCForum MAD key
'b0b1b2b3b4b5',
'aabbccddeeff',
'4d3a99c351dd',
'1a982c7e459a',
'd3f7d3f7d3f7',
'714c5c886e97',
'587ee5f9350f',
'a0478cc39091',
'533cb6c723f6',
'8fd0a4f256e9',
--[[
The data below is taken form the Slurp project,
https://github.com/4ZM/slurp/blob/master/res/xml/mifare_default_keys.xml
released as GPLV3.
--]]
'000000000000', -- Default key
'fffffffffff0', -- Default key
'b0b1b2b3b4b5', -- Key from mfoc
'4d3a99c351dd', -- Key from mfoc
'1a982c7e459a', -- Key from mfoc
'aabbccddeeff', -- Key from mfoc
'714c5c886e97', -- Key from mfoc
'587ee5f9350f', -- Key from mfoc
'a0478cc39091', -- Key from mfoc
'533cb6c723f6', -- Key from mfoc
'8fd0a4f256e9', -- Key from mfoc
-- Data from: http://pastebin.com/wcTHXLZZ
'a64598a77478', -- RKF SL Key A
'26940b21ff5d', -- RKF SL Key A
'fc00018778f7', -- RKF SL Key A
'00000ffe2488', -- RKF SL Key B
'5c598c9c58b5', -- RKF SL Key B
'e4d2770a89be', -- RKF SL Key B
-- Data from: http://pastebin.com/svGjN30Q
'434f4d4d4f41', -- RKF JOJO GROUP Key A
'434f4d4d4f42', -- RKF JOJO GROUP Key B
'47524f555041', -- RKF JOJO GROUP Key A
'47524f555042', -- RKF JOJO GROUP Key B
'505249564141', -- RKF JOJO PRIVA Key A
'505249564142', -- RKF JOJO PRIVA Key B
-- Data from: http://pastebin.com/d7sSetef
'fc00018778f7', -- RKF Rejskort Danmark Key A
'00000ffe2488', -- RKF Rejskort Danmark Key B
'0297927c0f77', -- RKF Rejskort Danmark Key A
'ee0042f88840', -- RKF Rejskort Danmark Key B
'722bfcc5375f', -- RKF Rejskort Danmark Key A
'f1d83f964314', -- RKF Rejskort Danmark Key B
-- Data from: http://pastebin.com/pvJX0xVS
'54726176656C', -- Transport Key A
'776974687573', -- Transport Key B
'4AF9D7ADEBE4', -- Directory and event log Key A
'2BA9621E0A36', -- Directory and event log Key B
-- Data from: http://pastebin.com/Dnnc5dFC
-- New cards are not encrypted (MF Ultralight)
'fc00018778f7', -- Västtrafiken Key A
'00000ffe2488', -- Västtrafiken Key B
'0297927c0f77', -- Västtrafiken Key A
'ee0042f88840', -- Västtrafiken Key B
'54726176656c', -- Västtrafiken Key A
'776974687573', -- Västtrafiken Key B
-- Data from: http://pastebin.com/y3PDBWR1
'000000000001',
'a0a1a2a3a4a5',
'123456789abc',
'b127c6f41436',
'12f2ee3478c1',
'34d1df9934c5',
'55f5a5dd38c9',
'f1a97341a9fc',
'33f974b42769',
'14d446e33363',
'c934fe34d934',
'1999a3554a55',
'27dd91f1fcf1',
'a94133013401',
'99c636334433',
'43ab19ef5c31',
'a053a292a4af',
'434f4d4d4f41',
'434f4d4d4f42',
'505249565441',
'505249565442',
-- Data from,:, http://pastebin.com/TUXj17K3
'fc0001877bf7', -- RKF ÖstgötaTrafiken Key A
'00000ffe2488', -- RKF ÖstgötaTrafiken Key B
'0297927c0f77', -- RKF ÖstgötaTrafiken Key A
'ee0042f88840', -- RKF ÖstgötaTrafiken Key B
'54726176656c', -- RKF ÖstgötaTrafiken Key A
'776974687573', -- RKF ÖstgötaTrafiken Key B
--[[
The keys below are taken from from https://code.google.com/p/mifare-key-cracker/downloads/list
--]]
'bd493a3962b6',
'010203040506',
'111111111111',
'222222222222',
'333333333333',
'444444444444',
'555555555555',
'666666666666',
'777777777777',
'888888888888',
'999999999999',
'aaaaaaaaaaaa',
'bbbbbbbbbbbb',
'cccccccccccc',
'dddddddddddd',
'eeeeeeeeeeee',
'0123456789ab',
'123456789abc',
'ffffffffffff', -- Default key
}
--[[
The keys above have just been pasted in, for completeness sake. They contain duplicates.
We need to weed the duplicates out before we expose the list to someone who actually wants to use them
--]]
local function uniq(list)
local foobar = {}
--print("list length ", #list)
for _, value in pairs(list) do
value = value:lower()
if not foobar[value] then
foobar[value] = true
table.insert(foobar, value);
end
end
--print("final list length length ", #foobar)
return foobar
end
return uniq(_keys)

143
client/scripts/mfkeys.lua Normal file
View file

@ -0,0 +1,143 @@
--[[
This is an example of Lua-scripting within proxmark3. This is a lua-side
implementation of hf mf chk
This code is licensed to you under the terms of the GNU GPL, version 2 or,
at your option, any later version. See the LICENSE.txt file for the text of
the license.
Copyright (C) 2013 m h swende <martin at swende.se>
]]
-- Loads the commands-library
local cmds = require('commands')
-- Load the default keys
local keys = require('mf_default_keys')
local desc =
("This script implements check keys. It utilises a large list of default keys (currently %d keys).\
If you want to add more, just put them inside mf_default_keys.lua. "):format(#keys)
local TIMEOUT = 10000 -- 10 seconds
local function checkCommand(command)
--print("Sending this command : " .. tostring(command))
local usbcommand = command:getBytes()
core.SendCommand(usbcommand)
local result = core.WaitForResponseTimeout(cmds.CMD_ACK,TIMEOUT)
if result then
local count,cmd,arg0 = bin.unpack('LL',result)
if(arg0==1) then
local count,arg1,arg2,data = bin.unpack('LLH511',result,count)
key = data:sub(1,12)
return key
else
--print("Key not found...")
return nil
end
else
print("Timeout while waiting for response. Increase TIMEOUT in keycheck.lua to wait longer")
return nil, "Timeout while waiting for device to respond"
end
end
function checkBlock(blockNo, keys, keyType)
-- The command data is only 512 bytes, each key is 6 bytes, meaning that we can send max 85 keys in one go.
-- If there's more, we need to split it up
local start, remaining= 1, #keys
local packets = {}
while remaining > 0 do
local n,data = remaining, nil
if remaining > 85 then n = 85 end
local data = table.concat(keys,"",start,n)
--print("data",data)
--print("data len", #data)
print(("Testing block %d, keytype %d, with %d keys"):format(blockNo, keyType, n))
local command = Command:new{cmd = cmds.CMD_MIFARE_CHKKEYS,
arg1 = blockNo,
arg2 = keyType,
arg3 = n,
data = data}
local status = checkCommand(command)
if status then return status, blockNo end
start = start+n+1
remaining = remaining - n
end
return nil
end
-- A function to display the results
local function displayresults(results)
local sector, blockNo, keyA, keyB,_
print("________________________________________")
print("|Sector|Block| A | B |")
print("|--------------------------------------|")
for sector,_ in pairs(results) do
blockNo, keyA, keyB = unpack(_)
print(("| %3d | %3d |%s|%s|"):format(sector, blockNo, keyA, keyB ))
end
print("|--------------------------------------|")
end
-- A little helper to place an item first in the list
local function placeFirst(akey, list)
akey = akey:lower()
if list[1] == akey then
-- Already at pole position
return list
end
local result = {akey}
--print(("Putting '%s' first"):format(akey))
for i,v in ipairs(list) do
if v ~= akey then
result[#result+1] = v
end
end
return result
end
local function main()
print(desc);
core.clearCommandBuffer()
local blockNo
local keyType = 0 -- A=0, B=1
local result = {}
for sector=1,40,1 do
--[[
The mifare Classic 1k card has 16 sectors of 4 data blocks each. The
first 32 sectors of a mifare Classic 4k card consists of 4 data blocks and the remaining
8 sectors consist of 16 data blocks.
--]]
local blockNo = sector * 4 -1
if sector > 32 then
blockNo = 32*4+ (sector-32)*16 -1
end
local keyA = checkBlock(blockNo, keys, 0)
if keyA then keys = placeFirst(keyA, keys) end
keyA = keyA or ""
local keyB = checkBlock(blockNo, keys, 1)
if keyB then keys = placeFirst(keyB, keys) end
keyB = keyB or ""
result[sector] = {blockNo, keyA, keyB }
-- Check if user aborted
if core.ukbhit() then
print("Aborted by user")
break
end
end
displayresults(result)
end
main()